4 matches found
CVE-2025-8439
CVE-2025-8439 affects Wazifa System 1.0 (code-projects) and stems from SQL injection in /controllers/updatesettings.php where the Password parameter is manipulated. Multiple connected sources confirm remote exploitation potential with public disclosure. Impact cited as high/critical depending on ...
CVE-2025-1209
A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is the function searchuser of the file /searchresualts.php. The manipulation of the argument firstname/lastname leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2024-12001
A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to...
CVE-2024-10699
A vulnerability was found in code-projects Wazifa System 1.0. It has been classified as critical. This affects an unknown part of the file /controllers/logincontrol.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit h...